AML.T0019

Publish Poisoned Datasets

Adversaries may [Poison Training Data](/techniques/AML.T0020) and publish it to a public location. The poisoned dataset may be a novel dataset or a poisoned variant of an existing open source dataset. This data may be introduced to a victim system via [AI Supply Chain Compromise](/techniques/AML.T0010).

4 CVEs mapped View on MITRE ATLAS →

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2026-33310			8.8
HIGH	CVE-2025-58757	MONAI: unsafe pickle deserialization RCE in data pipeline	monai	8.8
MEDIUM	CVE-2025-3044	llama-index ArxivReader: MD5 collision corrupts training data	llama-index-readers-papers	5.3
HIGH	CVE-2026-41486	Ray: Parquet RCE via Arrow extension deserialization	ray	—